transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag::atom()}}
- defaults to {gen_tcp, tcp, tcp_closed, tcp_error}. Can be used to customize
the transport layer. The callback module must implement a reliable transport
protocol and behave as gen_tcp and in addition have functions corresponding to
inet:setopts/2, inet:getopts/2, inet:peername/1, inet:sockname/1 and inet:port/1.
The callback gen_tcp is treated specially and will call inet directly.

The DER encoded user's private key. If this option
is supplied it overrides the keyfile option.

{keyfile, path()}

Path to a file containing the user's PEM encoded
private key. As PEM files may contain several entries,
this option defaults to the same file as given by the
certfile option.

{password, string()}

String containing the user's password.
Only used if the private keyfile is password protected.

{cacerts, [der_encoded()]}

The DER encoded trusted certificates. If this option
is supplied it will override the cacertfile option.

{ciphers, ciphers()}

The cipher suites that should be supported. The function
cipher_suites/0 can be used to find all cipher suites that are
supported by default; cipher_suites(all) can be called
to find all available cipher suites.
Pre-Shared Key (RFC 4279 and
RFC 5487),
Secure Remote Password (RFC 5054)
and anonymous cipher suites only work if explicitly enabled by
this option and also supported and enabled by the peer.
Note that anonymous cipher suites provide no peer authentication; they are
supported for testing purposes only and should not be used when security matters.

{ssl_imp, new | old}

No longer has any meaning, as the old implementation has
been removed; the option is ignored.

{secure_renegotiate, boolean()}

Specifies whether to reject a renegotiation attempt that does
not conform to RFC 5746. By default secure_renegotiate is
set to false, i.e. secure renegotiation is used if possible,
but the connection falls back to insecure renegotiation if the peer
does not support RFC 5746. Set it to true to refuse renegotiation
with such peers.

{depth, integer()}

The depth is the maximum number of non-self-issued
intermediate certificates that may follow the peer certificate
in a valid certification path. So if depth is 0, the PEER must
be signed by the trusted ROOT-CA directly; if 1, the path can
be PEER, CA, ROOT-CA; if 2, PEER, CA, CA, ROOT-CA; and so
on. The default value is 1.

The verify fun will be called during the X.509 path
validation when an error or an extension unknown to the ssl
application is encountered. Additionally it will be called
when a certificate is considered valid by the path validation,
to give the user application access to each certificate in
the path. Note that it differentiates between the
peer certificate and CA certificates by using valid_peer or
valid as the second argument to the verify fun. See the public_key User's
Guide for the definition of #'OTPCertificate'{} and
#'Extension'{}.

If the verify callback fun returns {fail, Reason}, the
verification process is immediately stopped, an alert is
sent to the peer and the TLS/SSL handshake is terminated. If
the verify callback fun returns {valid, UserState}, the
verification process continues. If the verify callback fun
always returns {valid, UserState}, the TLS/SSL handshake will
not be terminated on verification failures and the connection
will be established, i.e. the peer is effectively not
authenticated. If called with an extension unknown to the user
application, the return value {unknown, UserState} should be used.

Possible path validation errors are given on the form {bad_cert, Reason} where Reason is:

unknown_ca

No trusted CA was found in the trusted store. The trusted CA is
normally a so-called ROOT CA, that is, a self-signed certificate. Trust may
be claimed for an intermediate CA (a trust anchor does not have to be self-signed
according to X.509) by using the option partial_chain.

Claim an intermediate CA in the chain as trusted. TLS will then perform public_key:pkix_path_validation/3
with the selected CA as trust anchor and the rest of the chain.
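The following module is an added example for this page and is not code from the ssl application. It shows a verify fun that handles every event described above ({bad_cert, Reason}, {extension, ...}, valid and valid_peer), fails closed on path validation errors, and additionally pins the peer certificate to a SHA-256 fingerprint carried as the fun's UserState. The module name, the cacertfile path and the pin value are assumptions for the example.

```erlang
%% pin_verify.erl: added example for this page, not code from the ssl
%% application. A verify_fun that keeps normal X.509 path validation and
%% additionally requires the peer certificate to match a pinned SHA-256
%% fingerprint carried as the fun's UserState.
-module(pin_verify).
-export([verify/3, fingerprint/1, client_options/2]).

-include_lib("public_key/include/public_key.hrl").

%% Second argument is one of:
%%   {bad_cert, Reason} | {extension, #'Extension'{}} | valid | valid_peer
verify(_Cert, {bad_cert, Reason}, _Pin) ->
    %% Never paper over a path validation error: returning {valid, _}
    %% here would let an untrusted or expired chain through.
    {fail, {bad_cert, Reason}};
verify(_Cert, {extension, _Ext}, Pin) ->
    %% An extension ssl does not know; this application does not handle it
    %% either. public_key still rejects unknown critical extensions as
    %% {bad_cert, unknown_critical_extension}, which hits the clause above.
    {unknown, Pin};
verify(_Cert, valid, Pin) ->
    %% A CA certificate in the path passed validation.
    {valid, Pin};
verify(Cert, valid_peer, Pin) ->
    %% The peer (leaf) certificate passed validation; now enforce the pin.
    case fingerprint(Cert) of
        Pin   -> {valid, Pin};
        Other -> {fail, {pin_mismatch, Other}}
    end.

%% SHA-256 over the DER encoding of the decoded certificate. Compute the
%% pin the same way (decode with public_key:pkix_decode_cert(Der, otp),
%% then fingerprint/1) so both sides go through the same encoder.
fingerprint(#'OTPCertificate'{} = Cert) ->
    crypto:hash(sha256, public_key:pkix_encode('OTPCertificate', Cert, otp)).

%% Client options for ssl:connect/3,4. CaCertFile is a placeholder path.
client_options(CaCertFile, Pin) when is_binary(Pin), byte_size(Pin) =:= 32 ->
    [{verify, verify_peer},
     {cacertfile, CaCertFile},
     {depth, 2},                       %% PEER, CA, CA, ROOT-CA at most
     {secure_renegotiate, true},       %% refuse non-RFC 5746 renegotiation
     {verify_fun, {fun ?MODULE:verify/3, Pin}}].
```

Use it as `ssl:connect(Host, Port, pin_verify:client_options("ca.pem", Pin))`. Pinning sits on top of, not instead of, the CA validation: a chain that does not validate never reaches the valid_peer clause, and a validated chain for the wrong certificate is still rejected by the fingerprint comparison.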

{versions, [protocol()]}

TLS protocol versions that will be supported by started clients and servers.
This option overrides the application environment option protocol_version. If the
environment option is not set, it defaults to all versions supported by the SSL application. See also
ssl(6).

{hibernate_after, integer()|undefined}

When an integer value is specified, the ssl connection
process will go into hibernation after the specified number of milliseconds
of inactivity, thus reducing its memory footprint. When
undefined is specified (this is the default), the process
will never go into hibernation.

For Pre-Shared Key (PSK) cipher suites, the lookup fun will
be called by the client and server to determine the shared
secret. When called by the client, PSKIdentity will be set to the
hint presented by the server, or undefined if the server sent none. When called by the
server, PSKIdentity is the identity presented by the client.

For Secure Remote Password (SRP), the fun will only be used by the server to obtain
parameters that it will use to generate its session keys. DerivedKey should be
derived according to RFC 2945 and
RFC 5054, that is SHA1(Salt | SHA1(Username | ":" | Password)):
crypto:hash(sha, [Salt, crypto:hash(sha, [Username, <<$:>>, Password])])
(older releases spell this crypto:sha([Salt, crypto:sha([Username, <<$:>>, Password])])).
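The module below is an added example for this page, not code from the ssl application. It implements a server-side user_lookup_fun that serves both the PSK and the SRP cases described above from a constructed in-memory store, and computes the SRP DerivedKey exactly as specified. The module name, the identities, the secret and salt bytes, the password and the certificate paths are all constructed for the example.

```erlang
%% srp_psk_lookup.erl: added example for this page, not code from the ssl
%% application. A server-side user_lookup_fun serving both PSK and SRP
%% clients from a constructed in-memory credential store.
-module(srp_psk_lookup).
-export([lookup/3, srp_derived_key/3, new_db/0, server_options/0]).

%% Constructed store for this example. Real deployments keep PSK secrets and
%% SRP (Salt, DerivedKey) pairs in a protected store; the SRP password itself
%% is only needed at enrollment time, as shown in new_db/0.
new_db() ->
    Salt = <<16#5a,16#0b,16#e7,16#13,16#c4,16#8f,16#2d,16#91,
             16#66,16#3e,16#0a,16#d2,16#77,16#b5,16#1c,16#48>>,
    #{{psk, "device-0001"} =>
          <<16#d3,16#4f,16#9c,16#07,16#21,16#b8,16#e6,16#5a,
            16#90,16#13,16#7e,16#cc,16#42,16#af,16#08,16#61>>,
      {srp, "alice"} =>
          {'2048', Salt, srp_derived_key("alice", "correct horse battery", Salt)}}.

%% DerivedKey as specified above: SHA1(Salt | SHA1(Username | ":" | Password)).
%% ssl derives the SRP verifier from this value; the password never reaches ssl.
srp_derived_key(Username, Password, Salt) ->
    crypto:hash(sha, [Salt, crypto:hash(sha, [Username, <<$:>>, Password])]).

%% Called by ssl during the handshake.
%% PSK: Identity is what the client presented (a client-side fun would
%%      receive the server hint, or undefined, instead).
%% SRP: Username is the client's srp_identity; return the group, the salt
%%      and the derived key, or error to abort the handshake.
lookup(psk, Identity, Db) ->
    case maps:find({psk, Identity}, Db) of
        {ok, Secret} -> {ok, Secret};
        error        -> error
    end;
lookup(srp, Username, Db) ->
    case maps:find({srp, Username}, Db) of
        {ok, {Group, Salt, DerivedKey}} -> {ok, {Group, Salt, DerivedKey}};
        error                           -> error
    end.

%% Server options. PSK and SRP suites are never on by default, so they are
%% listed explicitly; srp_rsa additionally needs the server certificate and
%% key (placeholder paths).
server_options() ->
    [{certfile, "server-cert.pem"},
     {keyfile, "server-key.pem"},
     {ciphers, [{srp_rsa, aes_128_cbc, sha}, {psk, aes_128_cbc, sha}]},
     {psk_identity, "example-server-hint"},     %% hint sent to PSK clients
     {user_lookup_fun, {fun ?MODULE:lookup/3, new_db()}}].
```

One caveat worth knowing: returning error for an unknown SRP username aborts the handshake, which lets a remote party tell valid usernames from invalid ones by timing or alert. RFC 5054 suggests that a server wishing to hide this should respond to unknown users with a fabricated salt and verifier instead; with the fun interface above that means returning a consistent fake {Group, Salt, DerivedKey} for unknown names rather than error.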

If precedence is server the negotiated protocol will be the
first protocol that appears on the server advertised list that is
also on the client preference list.

If precedence is client the negotiated protocol will be the
first protocol that appears on the client preference list that is
also on the server advertised list.

If the client does not support any of the server advertised
protocols, or the server does not advertise any protocols, the
client will fall back to the first protocol in its list, or, if a
default is supplied, to that default instead. If the
server does not support Next Protocol Negotiation, the
connection will be aborted unless a default protocol is supplied.

{psk_identity, string()}

Specifies the identity the client presents to the server. The matching secret is
found by calling the user_lookup_fun.

{srp_identity, {Username :: string(), Password :: string()}}

Specifies the Username and Password to use to authenticate to the server.

{server_name_indication, hostname()}

{server_name_indication, disable}

This option can be specified when upgrading a TCP socket to a TLS
socket to use the TLS Server Name Indication extension.

When starting a TLS connection without upgrade the Server Name
Indication extension will be sent if possible, this option may also be
used to disable that behavior.

Options described here are server specific or have a slightly different
meaning in the server than in the client.

{cacertfile, path()}

The path to a file containing PEM encoded CA
certificates. The CA certificates are used to build the server
certificate chain, and for client authentication. The CAs
are also used in the list of acceptable client CAs passed to the
client when a certificate is requested. May be omitted if there
is no need to verify the client and there are no
intermediate CAs for the server certificate.

{dh, der_encoded()}

The DER encoded Diffie Hellman parameters. If this option
is supplied it will override the dhfile option.

{dhfile, path()}

Path to a file containing PEM encoded Diffie-Hellman parameters,
for the server to use if a cipher suite using Diffie-Hellman key exchange
is negotiated. If not specified, default parameters are used.

{verify, verify_type()}

Servers only do the X.509 path validation in verify_peer
mode, as only then is a certificate request sent to the client
(this message is not sent if the verify option is verify_none).
You may then also want to specify the option
fail_if_no_peer_cert.

{fail_if_no_peer_cert, boolean()}

Used together with {verify, verify_peer} by an ssl server.
If set to true, the server fails if the client does not have
a certificate to send, i.e. sends an empty certificate; if set to
false, it only fails if the client sends an invalid
certificate (an empty certificate is considered valid). Leave it
true whenever client authentication is required; with false a client
that presents no certificate completes the handshake unauthenticated.

{reuse_sessions, boolean()}

Specifies if the server should agree to reuse sessions
when the clients request to do so. See also the reuse_session
option.

Enables the ssl server to have a local policy
for deciding if a session should be reused or not;
only meaningful if reuse_sessions is set to true.
SuggestedSessionId is a binary(), PeerCert is a DER encoded
certificate, Compression is an enumeration integer
and CipherSuite is of type ciphersuite().

{next_protocols_advertised, Protocols :: [binary()]}

The list of protocols to send to the client if the client indicates that
it supports the Next Protocol extension. The client may select a protocol
that is not on this list. The list of protocols must not contain an empty
binary. If the server negotiates a Next Protocol, it can be accessed
using the negotiated_next_protocol/1 function.

{psk_identity, string()}

Specifies the server identity hint the server presents to the client.

{log_alert, boolean()}

If false, error reports will not be displayed.

{honor_cipher_order, boolean()}

If true, use the server's preference for cipher selection. If false
(the default), use the client's preference, which lets the client pick the
weakest suite both sides have enabled.
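As an added example for this page (not code from the ssl application), the module below builds a server cipher list by starting from ssl:cipher_suites/0 and removing the families the ciphers option text above warns about (anonymous, PSK and SRP key exchange) together with weak bulk ciphers, orders forward-secret key exchanges first, and combines that list with honor_cipher_order so the server's order is binding. The module name and the deny lists are this example's choices.

```erlang
%% cipher_policy.erl: added example for this page, not code from the ssl
%% application. Builds a server cipher list from ssl:cipher_suites/0 by
%% removing the families the text warns about, orders forward-secret
%% key exchanges first and makes the server's order binding.
-module(cipher_policy).
-export([hardened_suites/0, hardened_suites/1, prefer_forward_secrecy/1,
         server_options/0]).

%% Key exchanges dropped: anonymous DH/ECDH (no peer authentication) and
%% the PSK and SRP families, which must be opted into deliberately.
-define(DENY_KEX, [dh_anon, ecdh_anon, psk, dhe_psk, rsa_psk,
                   srp_anon, srp_rsa, srp_dss]).
%% Bulk ciphers dropped: null, RC4, DES and 3DES.
-define(DENY_CIPHER, [null, rc4_128, des_cbc, '3des_ede_cbc']).
%% Key exchanges that give forward secrecy; these go first.
-define(FS_KEX, [ecdhe_ecdsa, ecdhe_rsa, dhe_rsa, dhe_dss]).

%% Suites appear as {Kex, Cipher, Mac} or {Kex, Cipher, Mac, Prf} tuples
%% (later releases also use maps); extract the two fields filtered on.
kex_cipher(#{key_exchange := Kex, cipher := Cipher}) -> {Kex, Cipher};
kex_cipher(Suite) when is_tuple(Suite) -> {element(1, Suite), element(2, Suite)}.

hardened_suites() -> hardened_suites(ssl:cipher_suites()).

hardened_suites(Suites) ->
    [S || S <- Suites,
          begin
              {Kex, Cipher} = kex_cipher(S),
              not lists:member(Kex, ?DENY_KEX)
                  andalso not lists:member(Cipher, ?DENY_CIPHER)
          end].

%% Stable sort: forward-secret suites first, relative order otherwise kept.
prefer_forward_secrecy(Suites) ->
    Ranked = [{rank(S), S} || S <- Suites],
    [S || {_, S} <- lists:keysort(1, Ranked)].

rank(Suite) ->
    {Kex, _} = kex_cipher(Suite),
    case lists:member(Kex, ?FS_KEX) of
        true  -> 0;
        false -> 1
    end.

%% With honor_cipher_order the server's list order decides; without it
%% (the default) the client's preference wins even if it prefers the
%% weakest suite both sides share.
server_options() ->
    [{ciphers, prefer_forward_secrecy(hardened_suites())},
     {honor_cipher_order, true},
     {versions, ['tlsv1.2']},      %% add 'tlsv1.1'/'tlsv1' only for old clients
     {secure_renegotiate, true}].
```

Append certfile and keyfile and pass the result to ssl:listen/2. Filtering what ssl:cipher_suites/0 returns, rather than hand-writing a list, means a suite added in a later release is kept unless it matches a deny list, and a suite removed upstream silently disappears instead of causing a startup error.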

EXPORTS

Returns a list of supported cipher suites.
cipher_suites() is equivalent to cipher_suites(erlang).
Type openssl is provided for backwards compatibility with
the old ssl that used openssl. cipher_suites(all) returns
all available cipher suites. The cipher suites not present
in cipher_suites(erlang) but included in cipher_suites(all)
will not be used unless explicitly configured by the user.

This function receives a packet from a socket in passive
mode. A closed socket is indicated by a return value
{error, closed}.

The Length argument is only meaningful when
the socket is in raw mode and denotes the number of
bytes to read. If Length = 0, all available bytes are
returned. If Length > 0, exactly Length
bytes are returned, or an error; possibly discarding less
than Length bytes of data when the socket gets closed
from the other side.

The optional Timeout parameter specifies a timeout in
milliseconds. The default value is infinity.

Use the pseudo random function (PRF) of a TLS session to generate
additional key material. It either takes user generated values for
Secret and Seed or atoms directing it to use a specific
value from the session security parameters.

This function can only be used with TLS connections, {error, undefined}
is returned for SSLv3 connections.

Initiates a new handshake. A notable return value is
{error, renegotiation_rejected} indicating that the peer
refused to go through with the renegotiation but the connection
is still active using the previously negotiated session.

If Socket is a socket() - upgrades a gen_tcp, or equivalent, socket to an ssl socket
i.e. performs the SSL/TLS server-side handshake and returns the ssl socket.

Warning

Note that the listen socket should be in {active, false} mode
before telling the client that the server is ready to upgrade
by calling this function, otherwise the upgrade may
or may not succeed depending on timing.

If Socket is an sslsocket() - provides additional SSL/TLS options to those specified in ssl:listen/2 and then performs the SSL/TLS handshake.

Accepts an incoming connection request on a listen socket.
ListenSocket must be a socket returned from
ssl:listen/2.
The socket returned should be passed to
ssl:ssl_accept[2,3]
to complete handshaking, i.e.
establishing the SSL/TLS connection.

Warning

The socket returned can only be used with
ssl:ssl_accept[2,3]
no traffic can be sent or received before that call.

The accepted socket inherits the options set for
ListenSocket in ssl:listen/2.

The default
value for Timeout is infinity. If
Timeout is specified, and no connection is accepted
within the given time, {error, timeout} is
returned.
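The module below is an added example for this page, not code from the ssl application. It puts the transport_accept/ssl_accept split described above into a complete accept loop for a server that requires client certificates ({verify, verify_peer} with {fail_if_no_peer_cert, true}), bounds the handshake with the ssl_accept timeout, and reads the authenticated client's subject after the handshake. The module name, the certificate paths and the echo protocol are assumptions for the example.

```erlang
%% mtls_server.erl: added example for this page, not code from the ssl
%% application. An accept loop that requires and authenticates a client
%% certificate, using the transport_accept/ssl_accept split described above.
-module(mtls_server).
-export([start/1, accept_loop/1, peer_subject/1]).

-include_lib("public_key/include/public_key.hrl").

%% Placeholder paths for this example.
server_options() ->
    [{certfile, "server-cert.pem"},
     {keyfile, "server-key.pem"},
     {cacertfile, "client-ca.pem"},    %% trust store and acceptable client CAs
     {verify, verify_peer},            %% otherwise no CertificateRequest is sent
     {fail_if_no_peer_cert, true},     %% an empty client certificate is a failure
     {depth, 1},                       %% CLIENT, CA, ROOT-CA at most
     {reuseaddr, true},
     {active, false},                  %% passive: recv/3 is driven explicitly
     {packet, line}].

start(Port) ->
    ok = ssl:start(),
    {ok, Listen} = ssl:listen(Port, server_options()),
    {ok, spawn_link(?MODULE, accept_loop, [Listen])}.

accept_loop(Listen) ->
    %% transport_accept/1 returns a socket with no TLS session yet; nothing
    %% may be sent or received on it until ssl_accept completes.
    {ok, Transport} = ssl:transport_accept(Listen),
    %% Bound the handshake so a client that stalls mid-handshake cannot
    %% occupy this acceptor indefinitely.
    case ssl:ssl_accept(Transport, 5000) of
        ok ->
            %% Hand accepting to a fresh process and serve this client here.
            spawn(?MODULE, accept_loop, [Listen]),
            serve(Transport);
        {error, Reason} ->
            %% Includes clients without a certificate (fail_if_no_peer_cert)
            %% and clients whose chain does not validate against client-ca.pem.
            error_logger:info_msg("TLS handshake rejected: ~p~n", [Reason]),
            ssl:close(Transport),
            accept_loop(Listen)
    end.

%% After a successful handshake with the options above, peercert/1 always
%% returns a certificate that validated against cacertfile.
serve(Socket) ->
    {ok, PeerDer} = ssl:peercert(Socket),
    error_logger:info_msg("client authenticated as ~p~n", [peer_subject(PeerDer)]),
    echo(Socket).

%% Subject of a DER encoded certificate, for authorization or audit logs.
peer_subject(Der) when is_binary(Der) ->
    #'OTPCertificate'{tbsCertificate = #'OTPTBSCertificate'{subject = Subject}} =
        public_key:pkix_decode_cert(Der, otp),
    Subject.

echo(Socket) ->
    %% Length 0 with {packet, line}: one line per call; 30 s idle timeout.
    case ssl:recv(Socket, 0, 30000) of
        {ok, Line}      -> ok = ssl:send(Socket, Line), echo(Socket);
        {error, closed} -> ok;
        {error, _}      -> ssl:close(Socket)
    end.
```

Start it with `mtls_server:start(8443)`. For the upgrade variant (a gen_tcp listen socket whose accepted sockets are passed to ssl:ssl_accept/2,3 with the TLS options), the listen socket must be created with {active, false} as the warning above states; here that is unnecessary because ssl:listen/2 owns the socket from the start.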